Modern software development is evolving away from the client-server model toward network-based processing systems that provide access to data and services via the Internet or other networks. In contrast to traditional systems that host networked applications on dedicated server hardware, a “cloud” computing model allows applications to be provided over the network “as a service” or “on-demand” by an infrastructure provider. The infrastructure provider typically abstracts the underlying hardware and other resources used to deliver a customer-developed application so that the customer no longer needs to operate and support dedicated server hardware. The cloud computing model can often provide substantial cost savings to the customer over the life of the application because the customer no longer needs to provide dedicated network infrastructure, electrical and temperature controls, physical security and other logistics in support of dedicated server hardware.
Multi-tenant cloud-based architectures have been developed to improve collaboration, integration, and community-based cooperation between customer tenants without sacrificing data security. Generally speaking, multi-tenancy refers to a system where a single hardware and software platform simultaneously supports multiple user groups (also referred to as “organizations” or “tenants”) from a common data storage element (also referred to as a “multi-tenant database”). The multi-tenant design provides a number of advantages over conventional server virtualization systems. First, the multi-tenant platform operator can often make improvements to the platform based upon collective information from the entire tenant community. Additionally, because all users in the multi-tenant environment execute applications within a common processing space, it is relatively easy to grant or deny access to specific sets of data for any user within the multi-tenant platform, thereby improving collaboration and integration between applications and the data managed by the various applications. The multi-tenant architecture therefore allows convenient and cost effective sharing of similar application features between multiple sets of users.
In practice, multi-tenant systems may service any number of users and/or tenants in any number of jurisdictions. In this regard, an individual jurisdiction may impose legal restrictions on what data is allowed to be transmitted and/or stored outside that jurisdiction or the manner in which that data is to be transmitted and/or stored. For example, a jurisdiction may require certain types of data (e.g., personal identification numbers and/or other personal information) be cryptographically obscured if that data is to be transmitted outside the jurisdiction. However, this data modification may impair the ability of the multi-tenant platform operator to adequately perform security-related operations or other data management functionality that would otherwise be performed on unencrypted data, which, in turn, could create vulnerabilities within the multi-tenant system.